WordPress Website Upgrade Guide: How to Migrate from HTTP to Secure HTTPS

Planning to upgrade your WordPress site from HTTP to HTTPS? A lot of people are interested in this, especially after Google announced that starting July 2018, Chrome will mark websites that don't have SSL certificates installed as insecure.

This article will teach you how to add an SSL certificate to your WordPress site to securely complete the migration from HTTP to HTTPS.

If you don't know much about SSL or HTTPS, don't worry, I'll explain it to you in detail from start to finish.

What is HTTPS?

HTTPS, also called the secure version of HTTP, is an encryption technology used to secure your communications between your browser and the web server. This makes it harder for hackers to listen in on your connection.

We enter our personal information into different websites every day, whether it's to buy something or log into an account.

In order to ensure that this information is secure in transit, an encrypted secure connection is required.

This is where SSL certificates and the HTTPS protocol come into play.

Every website is given a unique SSL certificate to prove its identity. If a website claims to be using HTTPS but its SSL certificate does not match, most modern browsers will alert the user that the site may not be secure.

You may be thinking about why you need to switch your WordPress site from HTTP to HTTPS, especially if you're just running a simple blog or a small business site that doesn't involve payment information.

Why do you need HTTPS and SSL?

In 2018, Google launched a program to push website owners to upgrade their sites from HTTP to HTTPS in order to enhance security online. As part of this program, Google's Chrome browser began marking all websites that did not have SSL certificates installed as "insecure."

Google also noted that websites with SSL certificates installed are not only more secure, but will also gain an advantage in search engine optimization (SEO) and enjoy higher rankings. Since then, many websites have upgraded from HTTP to HTTPS.

With the implementation of this policy, Chrome now warns users that they are visiting an HTTP site that is "not secure". For example, users will see a security warning when browsing HTTP sites in incognito mode, or when trying to fill out a form on an HTTP site in normal mode.

This kind of tip can be upsetting to readers and customers who visit your website, which can negatively affect your business.

This is exactly why all websites should now migrate to HTTPS and install SSL certificates as soon as possible.

How to get an SSL certificate

To enable SSL on your WordPress site is actually quite simple. You just need to purchase an SSL certificate, and sometimes you can even get one for free.

Pagoda Panel has free SSL certificate application

Sitegronud Hosting Has Free SSL Certificate Application

WordPress backend modifies links to HTTPS

First of all, go to the backend of WordPress, click 'Settings' and then select 'General'. On this page, change 'http' to 'https' in 'WordPress Address (URL)' and 'Site Address (URL)'. 'https'.

What to do when your SSL certificate expires and how to renew it

The SSL certificate of Pagoda Panel needs to be renewed every three months, when renewing, you just need to log in Pagoda Panel and click the "Renew" button.

Aliyun's SSL certificates need to be renewed once a year. To renew, you just need to log in to Aliyun's SSL certificate management page, and then reapply as prompted.

SiteGround's SSL certificates are also renewed once a year. When it's time to renew, simply log in to SiteGround's administrative back office and resubmit your application.